> FWIW, I have no objection to specifying a new code, but I don't think > adding a "working address" option is feasible or useful.
I understand that adding a new option is much harder than adding a new code point. I am fine with the new code point. > On Fri, 30 Jan 2004, Christian Huitema wrote: > > In a site exit scenario, ingress filtering is performed either at the > > ingress interface of a router, or at one of the exit interfaces on the > > router. I suggest that the source address of the router's ICMP message > > should be one of the global scope addresses associated to that specific > > interface. This gives a strong hint to the host: among the source > > addresses that can be tried, pick the one that is the best match for the > > router's interface. > > I believe that all router implementations pick the source address of > the generated ICMP error messages based on the outgoing interface of > the message: this would be toward the site's internal infrastructure, > and would very likely include addresses from all the prefixes. > > So this would probably not help in this specific case, unless you want > to make a specific exception (which might have some obvious problems). If the site is multi-addressed, the exit router link may or may not be multi-addressed. If it is not, then the global scope address probably matches the egress that the router is managing, and that is fine. If the router link happens to be multi-addressed, then it would be nice to pick the address that is most likely to match filtering. -- Christian Huitema -------------------------------------------------------------------- IETF IPv6 working group mailing list [EMAIL PROTECTED] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
